Jun 18, 2025Ravie LakshmananVulnerability / Knowledge Safety
Veeam has rolled out patches to include a crucial safety flaw impacting its Backup & Replication software program that would end in distant code execution beneath sure circumstances.
The safety defect, tracked as CVE-2025-23121, carries a CVSS rating of 9.9 out of a most of 10.0.
“A vulnerability permitting distant code execution (RCE) on the Backup Server by an authenticated area consumer,” the corporate mentioned in an advisory.
CVE-2025-23121 impacts all earlier model 12 builds, together with 12.3.1.1139. It has been addressed in model 12.3.2 (construct 12.3.2.3617). Safety researchers at CODE WHITE GmbH and watchTowr have been credited with discovering and reporting the vulnerability.
Cybersecurity firm Rapid7 famous that the replace doubtless addresses considerations shared by CODE WHITE in late March 2025 that the patch put in place to plug the same gap (CVE-2025-23120, CVSS rating: 9.9) might be bypassed.
Additionally addressed by Veeam is one other flaw in the identical product (CVE-2025-24286, CVSS rating: 7.2) that enables an authenticated consumer with the Backup Operator position to switch backup jobs, which might end in arbitrary code execution.
The American firm individually patched a vulnerability that affected Veeam Agent for Microsoft Home windows (CVE-2025-24287, CVSS rating: 6.1) that allows native system customers to switch listing contents, resulting in code execution with elevated permissions. The problem has been patched in model 6.3.2 (construct 6.3.2.1205).
In keeping with Rapid7, greater than 20% of its incident response instances in 2024 concerned both the entry or exploitation of Veeam, as soon as a risk actor has already established a foothold within the goal atmosphere.
With safety flaws in Veeam backup software program turning into a main goal for attackers in recent times, it is essential that prospects replace to the most recent model of the software program with speedy impact.
Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.
